ISO 27001 Transition Management

Organisations are recognising that, from being a discriminator, ISO 27001 will soon be a prerequisite to conducting business in many sectors

Alignment with the ISO 27001 standard can be a daunting task

Commissum’s experienced professionals are able to manage the transition process for you efficiently

ISO 27001 Transition Management Issues

Establishing the Information Security Management System (ISMS) necessary to achieve alignment with the ISO 27001 standard can be a daunting task. If done in-house, it is likely to divert significant resources and attention from the tactical demands of security management and administration, and from the business of the organisation in general. If you have decided to seek formal certification, you will wish to adopt a “right first time” approach, as failing to achieve it will not only reflect badly on your business and security management practices, but may also significantly increase the cost of the process.

The UK Department of Trade and Industry (DTI) has published a roadmap for achieving alignment with ISO 27001. The process is complex, and for efficient and effective implementation it requires experience and knowledge of risk management, and the establishment of security controls and documentation.

Our Approach

The UK DTI guidance material stresses that an organisation should use risk management techniques to establish the scope and depth of requirement for security controls. Controls and processes must be appropriate to the business. Commissum’s experienced professionals are able to manage the process for you efficiently, the elements of the approach being: